Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-11-07 CVE-2017-16649 Divide By Zero vulnerability in Linux Kernel
The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device.
low complexity
linux CWE-369
6.6
2017-11-07 CVE-2017-16648 Use After Free vulnerability in Linux Kernel
The dvb_frontend_free function in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device.
low complexity
linux CWE-416
6.6
2017-11-07 CVE-2017-16647 NULL Pointer Dereference vulnerability in Linux Kernel
drivers/net/usb/asix_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.
low complexity
linux CWE-476
6.6
2017-11-07 CVE-2017-16646 NULL Pointer Dereference vulnerability in Linux Kernel
drivers/media/usb/dvb-usb/dib0700_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (BUG and system crash) or possibly have unspecified other impact via a crafted USB device.
low complexity
linux CWE-476
6.6
2017-11-07 CVE-2017-16645 Out-of-bounds Read vulnerability in Linux Kernel
The ims_pcu_get_cdc_union_desc function in drivers/input/misc/ims-pcu.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (ims_pcu_parse_cdc_data out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.
low complexity
linux CWE-125
6.6
2017-11-07 CVE-2017-16644 7PK - Errors vulnerability in Linux Kernel
The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (improper error handling and system crash) or possibly have unspecified other impact via a crafted USB device.
low complexity
linux CWE-388
6.6
2017-11-07 CVE-2017-16643 Out-of-bounds Read vulnerability in Linux Kernel
The parse_hid_report_descriptor function in drivers/input/tablet/gtco.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.
low complexity
linux CWE-125
6.6
2017-11-07 CVE-2017-2913 Improper Certificate Validation vulnerability in Meetcircle Circle With Disney Firmware 2.0.1
An exploitable vulnerability exists in the filtering functionality of Circle with Disney.
network
high complexity
meetcircle CWE-295
5.9
2017-11-07 CVE-2017-2912 Improper Validation of Certificate with Host Mismatch vulnerability in Meetcircle Circle With Disney Firmware 2.0.1
An exploitable vulnerability exists in the remote control functionality of Circle with Disney running firmware 2.0.1.
network
high complexity
meetcircle CWE-297
5.9
2017-11-07 CVE-2017-2911 Improper Validation of Certificate with Host Mismatch vulnerability in Meetcircle Circle With Disney Firmware 2.0.1
An exploitable vulnerability exists in the remote control functionality of Circle with Disney running firmware 2.0.1.
network
high complexity
meetcircle CWE-297
5.9